Documentation Index Fetch the complete documentation index at: https://docs.masker.dev/llms.txt
Use this file to discover all available pages before exploring further.
Returns complete detail for a single session, including every individual redaction event with span coordinates, confidence scores, and token metadata. This is the endpoint to use when you need to investigate a specific call, verify what PHI was detected, or pull the merkle_root_hex for audit chain-of-custody verification.
If log_payloads: true is set in the agent’s masking policy, the response also includes the original request, masked payload sent to the LLM, and the final response. Payloads are null by default.
Endpoint GET /api/v1/sessions/{session_id}
Requires masker_session authentication.
Path parameters The session’s ID in sess_* ULID format, e.g. sess_01HYZ....
Response fields Full session object. Hide session object fields
Session ID in sess_* ULID format.
ID of the agent that handled this session.
Display name of the agent.
ISO 8601 UTC timestamp when the session started.
ISO 8601 UTC timestamp when the session ended.
Total session duration in milliseconds.
Outcome: ok, error, or partial.
LLM model used, e.g. gpt-4o-mini.
Name of the masking policy active at the time of the session.
Version of the masking policy active at the time of the session.
Breakdown of processing latency by pipeline stage. Show stage duration fields
Time spent on PHI detection in milliseconds.
Time spent on tokenization (vault operations) in milliseconds.
Time spent waiting for the upstream LLM in milliseconds.
Time spent on token rehydration in the response in milliseconds.
Array of individual redaction events for this session. Event ID in evt_* ULID format.
Detection pass that identified this entity (e.g. gemma).
PHI category, e.g. NAME, PHONE, DOB, SSN.
[start, end] character offsets in the original message.
Model confidence score from 0 to 1.
Tokenization format applied, e.g. MSKV1.
Key ID used to issue the token, e.g. K_HEALTHCARE.
Raw payloads. All fields are null unless log_payloads: true is set in the agent’s policy. Original request body received by the proxy.
Masked request body forwarded to the upstream LLM.
Final response returned to the caller, with tokens rehydrated.
Example curl -H "Cookie: masker_session=ey..." \ https://masker-voice.fly.dev/api/v1/sessions/sess_01HYZ...
{ "session" : { "id" : "sess_01HYZ..." , "agent_id" : "agt_01HYZ..." , "agent_name" : "appointment-bot-prod" , "started_at" : "2026-05-03T21:14:32Z" , "ended_at" : "2026-05-03T21:14:32.794Z" , "duration_ms" : 794 , "status" : "ok" , "upstream_model" : "gpt-4o-mini" , "policy_name" : "healthcare-default" , "policy_version" : 1 , "stage_durations_ms" : { "detection" : 56 , "tokenize" : 4 , "upstream" : 728 , "rehydrate" : 6 }, "events" : [ { "event_id" : "evt_01HYZ..." , "pass" : "gemma" , "entity_kind" : "NAME" , "span" : [ 142 , 156 ], "confidence" : 0.94 , "token_kind" : "MSKV1" , "kid" : "K_HEALTHCARE" } ], "payloads" : { "request" : null , "masked" : null , "response" : null } } }
Errors Status Code Meaning 401unauthenticatedMissing or invalid masker_session cookie 404session_not_foundNo session with this ID exists in your account